Archive for the ‘Tomcat’ Category

Securing Java web applications using FORM-based container-managed security

Tuesday, November 20th, 2007

This is a simple example of how to secure a Java web application (whether it is based on Servlets, JSPs, Struts, Spring, JSF, or any combination of these) using just FORM-based container-managed security. True, other, much more sophisticated security frameworks exist, but this is by far the simplest way to wrap a security layer around an application regardless of its underlying implementation.

We also demonstrate how to authenticate users against a relational database (in this case we used MySQL).

The example application shown below was tested on Tomcat, but the principles should work on any modern Java EE servlet container.
